Cloudera Data Science Workbench — known CVE vulnerabilities
Every CVE whose affected-product data names Cloudera Data Science Workbench, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-20091 — CVSS 9.9 (critical): An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This would allow any authenticated…
CVE-2018-11215 — CVSS 9.8 (critical): Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors.
CVE-2017-15536 — CVSS 8.8 (high): An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. Several web application vulnerabilities allow malicious…
CVE-2018-20090 — CVSS 8.3 (high): An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. Authenticated users can bypass project permission…
CVE-2018-15665 — CVSS 5.3 (medium): An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.2.x through 1.4.0. Unauthenticated users can get a list of user…